5151955566010e9b5e8a986c01b01e04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5151955566010e9b5e8a986c01b01e04
Size

310KB
MD5

5151955566010e9b5e8a986c01b01e04
SHA1

b87a09a663fa39507852ec39d2e032ab7e966c0a
SHA256

dc966c00e13edd90bc36bf7e12475dc545d4d67ff11de58bffe1d221f4c86ea3
SHA512

42b3098ab386b8b5a751378a013e7b77cd13812f416605fe5f2bb47ef45fe219d9f5666f7ee857cd51adb24e648d94ecf6671ae9e9397e2b0f85990b2fb6e67d
SSDEEP

6144:zpAGWR6WxfvPlAhyLXHFJYlEBVkg0s0/JgW+5d3+PpE2u1PiTfTCL:VhAtvqMXjYEnU/eW+5UpY6/CL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5151955566010e9b5e8a986c01b01e04

Files

5151955566010e9b5e8a986c01b01e04
.exe windows:4 windows x86 arch:x86

971831c6688a7453908a5707df2a9591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
LoadLibraryA
GetModuleHandleA
GetCurrentProcessId
HeapCreate
GetTimeFormatA
HeapDestroy
GetSystemTime
InterlockedExchange
GetOEMCP
ResumeThread
GlobalMemoryStatus
GlobalSize
IsDebuggerPresent
PeekConsoleInputA
GetCommandLineA
FreeConsole
GetUserDefaultLCID
VirtualProtect
GetTapeStatus
GetACP

user32

GetParent
GetWindow
SetForegroundWindow
FrameRect
GetFocus
DragDetect
ShowWindow
FillRect
GetDC
wsprintfA
GetCursorPos
CreateIcon
GetClassNameA
GetTitleBarInfo
ReleaseDC
DrawTextA
EndPaint
BeginPaint
AnyPopup

ntshrui

IsFolderPrivateForUser
IsPathSharedA
SetFolderPermissionsForSharing
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ